Cybersecurity experts at OP Innovate have uncovered evidence that CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer, was actively exploited nearly three weeks before its public disclosure. This flaw, residing in the /developmentserver/metadatauploader endpoint, lacks proper authentication and authorization controls, enabling unauthenticated attackers to upload malicious files like web shells, leading to potential […]
The post Qilin Exploits SAP Zero-Day Vulnerability Weeks Ahead of Public Disclosure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform